Commit Graph

16263 Commits (ad8516eacf0eb96cca5f4b3ceca5863c547b543a)

Author SHA1 Message Date
kernelsmith ad8516eacf fixed prompt issue, still need to restore context
see line 2519 area.
msf  exploit(psexec) > grep -i -A 2 encoding show
<snip>
msf>
2013-01-15 17:57:28 -06:00
kernelsmith 4d33742482 fixed bug with -A 2013-01-15 17:35:57 -06:00
kernelsmith 86e4bb2db5 yard doc fixed and added for all _tabs methods 2013-01-15 16:42:02 -06:00
kernelsmith c60556389f add yard doc and allow for -A and -B at same time 2013-01-15 16:22:04 -06:00
kernelsmith 9ad726167e changes to address scriptjunkie's rpc concerns
as described in https://github.com/rapid7/metasploit-framework/pull/820
2013-01-14 17:14:48 -06:00
kernelsmith 9bb2dddf99 adds @todo for when tab_comp norm is completed
tab_completion normalization is RM7649
2013-01-14 14:53:31 -06:00
kernelsmith 7ca9a216f4 Merge remote-tracking branch 'upstream/master' into msfconsole-grep 2013-01-14 14:15:32 -06:00
kernelsmith 3c44769bd8 attempt to add nested tab completion 2013-01-14 14:15:13 -06:00
jvazquez-r7 c6c59ace46 final cleanup 2013-01-14 20:53:19 +01:00
jvazquez-r7 5ecb0701ea Merge branch 'freesshd_authbypass' of https://github.com/danielemartini/metasploit-framework into danielemartini-freesshd_authbypass 2013-01-14 20:52:45 +01:00
jvazquez-r7 702638a6a3 final cleanup 2013-01-14 17:36:24 +01:00
jvazquez-r7 b0a339708d Merge branch 'w3totalcache' of https://github.com/FireFart/metasploit-framework into FireFart-w3totalcache 2013-01-14 17:35:48 +01:00
Christian Mehlmauer b11fd48b05 implemented juans feedback 2013-01-14 17:06:52 +01:00
Christian Mehlmauer 8b85f7d977 fix msftidy 2013-01-14 14:55:53 +01:00
Christian Mehlmauer 0acbcfd964 fix url path 2013-01-14 14:39:50 +01:00
Christian Mehlmauer c17ee70e66 Use target_uri for the wordpress url 2013-01-14 14:34:34 +01:00
Christian Mehlmauer 0c95938b1d Added a request to force db caching 2013-01-13 20:12:37 +01:00
Daniele Martini 04fe1dae11 Added module for Freesshd Authentication Bypass (CVE-2012-6066)
This module works against FreeSSHD <= 1.2.6. Tested against
password and public key authentication methods. It will generate
a random key and password.

To use it you need to know a valid username. The module contains
a basic bruteforce methods, so you can specify more than one to try.
2013-01-13 17:08:04 +01:00
kernelsmith 7f90082bec grep tab complete is working, but not fully
options tab complete, but not the commands at the end
2013-01-13 03:06:56 -06:00
kernelsmith d9990829d9 fixes some issues with -k and -s 2013-01-13 02:39:56 -06:00
kernelsmith 1646fc8faa Merge remote-tracking branch 'upstream/master' into msfconsole-grep 2013-01-13 02:18:54 -06:00
kernelsmith e7372250d2 added -k keep and -s skip 2013-01-13 02:18:45 -06:00
James Lee 4703a6f737 Unbreak OptInt hex syntax
* Fix spec for no-longer-pending tests
* Fix regex in OptInt#valid? to allow hex syntax again

[See #1293][See #1296]
2013-01-12 14:17:29 -06:00
James Lee 5fc008566f Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-01-12 14:08:47 -06:00
Christian Mehlmauer 27f100d37c fix email 2013-01-12 14:24:29 +01:00
Christian Mehlmauer d36c966931 spaces 2013-01-12 14:22:38 +01:00
Christian Mehlmauer 93b5980210 fix 2013-01-12 14:13:54 +01:00
Christian Mehlmauer 0b8094eb5d w3_total_cache 2013-01-12 14:09:59 +01:00
HD Moore 06fb8f5443 Merge pull request #1293 from wchen-r7/optint_valid
Fix OptInt's valid?() function
2013-01-11 17:29:27 -08:00
HD Moore bfc7c3ad0a Merge pull request #1278 from kernelsmith/gitignore
change doc to doc/ in .gitignore
2013-01-11 17:28:48 -08:00
HD Moore c1997e3b9d Merge pull request #1296 from wchen-r7/normalize_optport
[FixRM: #7535] Missing normalize() in OptPort
2013-01-11 17:23:12 -08:00
kernelsmith 0b130e49e7 Squashed commit of the following:
commit 1beebe758c32a277e0a77f7d1011a56fda707732
Author: kernelsmith <kernelsmith@kernelsmith>
Date:   Fri Jan 11 17:55:27 2013 -0600

    fixes missing word in descript. of rails exploit

    simple omission fix in description

[Closes #1295]
2013-01-11 19:02:06 -06:00
sinn3r 8c04df4a47 [FixRM: #7535] Missing normalize() in OptPort
[FixRM: #7535] - Sometimes OptPort can return as a String instead
of Fixnum because OptPort is missing the normalize() function.
2013-01-11 18:34:27 -06:00
James Lee f9fe9441f0 Merge remote-tracking branch 'wchen-r7/optint_valid' into rapid7 2013-01-11 17:43:19 -06:00
sinn3r ef6eec949c Move impersonate_ssl
To 'gather', because it grabs stuff, not scans.
2013-01-11 17:22:27 -06:00
sinn3r 0347b173eb Fix OptInt's valid?() function
[FixRM #7539] - The valid?() function will first normalize() the
user-supplied input before validation.  The problem is that the
normalize() function will ALWAYS convert data to integer, therefore
whatever you validate, you will always get true.  For example:
when I do "yomama".to_i, that returns 0, and of course will pass
integer validation.
2013-01-11 16:27:33 -06:00
sinn3r 4adf429c31 Adds one more ref 2013-01-11 01:33:26 -06:00
sinn3r 23ef8280be Merge branch 'java_0day_refs' of github.com:jvazquez-r7/metasploit-framework into jvazquez-r7-java_0day_refs
Conflicts:
	modules/exploits/multi/browser/java_jre17_jmxbean.rb
2013-01-11 01:33:11 -06:00
HD Moore 6471a70053 Pass the X-HTTP-Method-Override parameter for compat 2013-01-10 20:27:13 -06:00
sinn3r e709811c5a CVE update 2013-01-10 19:51:04 -06:00
jvazquez-r7 2c05af721c module also updated with refs 2013-01-11 00:57:05 +01:00
jvazquez-r7 51f3f59d2f cve and references available 2013-01-11 00:54:53 +01:00
James Lee 19ff7f93ae Merge remote-tracking branch 'wchen-r7/encoder_fixes' into rapid7 2013-01-10 17:41:08 -06:00
James Lee 0f346dde9e Some whitespace and ruby -c fixes 2013-01-10 17:29:54 -06:00
James Lee ab64c428ab Merge remote-tracking branch 'kernelsmith/RM7676-migrate-h' into rapid7 2013-01-10 17:24:11 -06:00
James Lee 70c8296856 Merge branch 'master' of github.com:rapid7/metasploit-framework into rapid7 2013-01-10 17:20:24 -06:00
James Lee d4854606f2 Cosmetic fixes
[FixRM #7223][See #1283]
2013-01-10 17:18:25 -06:00
sinn3r 192279544b BufferRegister should be validated.
If BufferRegister is in lower-case, then gen_decoder_prefix will
return nil.  When the return value is nil, other functions like
gen_decoder() will backtrace due to a "undefined method "+" for nil"
error.  Therefore, this input should NOT be case-sensitive.

Also, if for some reason the user supplies an invalid BufferRegister,
the function should be aware of that and warn the user about the
bad input.
2013-01-10 17:14:38 -06:00
jvazquez-r7 6a7f8758e0 Merge branch 'master' of https://github.com/rapid7/metasploit-framework 2013-01-11 00:14:22 +01:00
sinn3r 0527a7ee9b Import datastore options when using an encoder
If you can't pass datastore options, sometimes you can't even
use an encoder.  [FixRM #7681]
2013-01-10 17:11:58 -06:00